– Enhanced Tracking Protection will be turned on by default; default standard setting for this feature now blocks third-party tracking cookies and cryptominers– support for the Web Authentication HmacSecret extension via Windows Hello– various security fixes

Interestingly, Scroll contacted us at Ghostery during their beta phase as our cookie blocking was preventing the subscription detection. I suggested a few ways they could implement the service without having to track all non-scroll users too, including a per-site login button, but unfortunately they didn't take up the offer...

First, [Google]’s continuing to argue that third-party cookies are actually fine, and companies like Apple and Mozilla who would restrict trackers’ access to user data will end up harming user privacy. This argument is absurd. But unfortunately, as long as Chrome remains the most popular browser in the world, Google will be able to single-handedly dictate whether cookies remain a viable option for tracking most users.

A very nice writeup and retrospective from Feross about his open source project maintainer funding experiment. (The one with ads the in cli that caused a big stink.) For anyone involved in building, maintaining, or using open source projects it's worth a read.

I reimplemented the libdweb TCPSocket API moving the actual networking to the parent process. This should fix the issues with Linux and Mac process sandboxes blocking socket creation. Now to do UDPSocket too!